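---
# Tasks that install and configure Harbor under
# {{ service_base_path }}/{{ inventory_hostname }}/harbor and run it through
# the "harbor" systemd unit.
#
# Flow: DNS record -> working directory -> docker-compose python package ->
# helper script and systemd unit -> download and unpack the offline installer
# (first run only) -> render harbor.yml -> run install.sh (first run only) ->
# merge harbor_dockercompose_customized into the generated docker-compose.yml
# -> (re)start the service.

- name: "Setup DNS configuration for {{ inventory_hostname }} harbor"
  ansible.builtin.include_role:
    name: _digitalocean
    tasks_from: domain
  vars:
    record_data: "{{ stage_server_ip }}"
    record_name: "{{ inventory_hostname }}"

- name: 'Ensures {{ service_base_path }}/{{ inventory_hostname }} directory exists'
  ansible.builtin.file:
    state: directory
    path: '{{ service_base_path }}/{{ inventory_hostname }}'
  tags:
    - update_deployment
    - update_config

# NOTE(review): the package is installed unpinned, so whatever version the
# package index serves at run time ends up on the host. Consider pinning it.
- name: Install pip dependencies
  ansible.builtin.pip:
    name: docker-compose

- name: 'Copy hacky upgrade script'
  ansible.builtin.template:
    src: 'hacky_harbor_upgrade.sh.j2'
    dest: '/root/hacky_harbor_upgrade.sh'
    owner: 'root'
    group: 'root'
    mode: '0744'
  tags:
    - upgrade-helper

# work around for DEV-271("container start failure after reboot")
# Unit files are read by systemd, never executed; systemd logs a warning for
# unit files that carry the executable bit, so the mode is 0644, not 0755.
# The mode is quoted so it cannot be re-typed by the YAML parser.
- name: Ensure systemd file
  ansible.builtin.template:
    src: harbor-systemd.service.j2
    dest: /etc/systemd/system/harbor.service
    owner: root
    group: root
    mode: '0644'

- name: "Check if harbor tarball exists"
  ansible.builtin.stat:
    path: '{{ service_base_path }}/{{ inventory_hostname }}/harbor-offline-installer-{{ harbor_version }}.tgz'
  register: harbor_tarball

# The installer is later unpacked and its install.sh executed on this host.
# Set harbor_installer_checksum (format "sha256:<hex digest>", taken from the
# release you deploy) to have get_url verify the download; when the variable
# is undefined the parameter is omitted and integrity rests on TLS alone.
- name: Download harbor offline installer
  ansible.builtin.get_url:
    url: "https://github.com/goharbor/harbor/releases/download/{{ harbor_version }}/harbor-offline-installer-{{ harbor_version }}.tgz"
    dest: "{{ service_base_path }}/{{ inventory_hostname }}/harbor-offline-installer-{{ harbor_version }}.tgz"
    checksum: "{{ harbor_installer_checksum | default(omit) }}"
  when:
    - not harbor_tarball.stat.exists

- name: Remember where the generated docker-compose.yml lives
  ansible.builtin.set_fact:
    remote_docker_compose_file_path: '{{ service_base_path }}/{{ inventory_hostname }}/harbor/docker-compose.yml'

# The presence of docker-compose.yml is the "already installed" marker: every
# first-run-only task below is guarded by harbor_installation.stat.exists.
- name: "Check if {{ inventory_hostname }}/harbor/docker-compose.yml exists"
  ansible.builtin.stat:
    path: '{{ remote_docker_compose_file_path }}'
  register: harbor_installation

- name: "Extract harbor-offline-installer-{{ harbor_version }}.tgz into {{ service_base_path }}/{{ inventory_hostname }}"
  ansible.builtin.unarchive:
    src: "{{ service_base_path }}/{{ inventory_hostname }}/harbor-offline-installer-{{ harbor_version }}.tgz"
    dest: "{{ service_base_path }}/{{ inventory_hostname }}"
    remote_src: true
  when:
    - not harbor_installation.stat.exists

# NOTE(review): harbor.yml usually carries the admin and database passwords
# and is written world-readable here. Confirm whether install.sh still works
# with mode '0600' before tightening it.
- name: Ensure config template files are populated from templates/harbor
  ansible.builtin.template:
    src: "harbor.yml.j2"
    dest: "{{ service_base_path }}/{{ inventory_hostname }}/harbor/harbor.yml"
    owner: 'root'
    group: 'root'
    mode: '0644'

# NOTE(review): ignore_errors hides a failed install.sh, so the play carries
# on against a possibly half-installed tree. It is kept because the reason it
# was added is not visible here; prefer a narrow failed_when once known.
# harbor_install_opts is interpolated into a shell command line, so it must
# only ever come from trusted inventory.
- name: "Exec harbor install.sh "
  ansible.builtin.shell:
    cmd: './install.sh {{ harbor_install_opts | default("--with-trivy --with-chartmuseum") }}'
    chdir: '{{ service_base_path }}/{{ inventory_hostname }}/harbor/'
  ignore_errors: true
  when:
    - not harbor_installation.stat.exists

- name: "Stopping harbor"
  community.docker.docker_compose:
    project_src: '{{ service_base_path }}/{{ inventory_hostname }}/harbor/'
    stopped: true
  when:
    - not harbor_installation.stat.exists

- name: "ensure harbor systemd service also stopped"
  ansible.builtin.systemd:
    name: harbor
    state: stopped
    daemon_reload: true
  when:
    - not harbor_installation.stat.exists

# create backup in case just sth weird had happened
- name: "Create backup of generated docker-compose.yml by install.sh"
  ansible.builtin.copy:
    src: '{{ remote_docker_compose_file_path }}'
    dest: '{{ remote_docker_compose_file_path}}_from_installsh'
    remote_src: true
  when:
    - not harbor_installation.stat.exists

- name: "Create backup of common/config/nginx/nginx.conf"
  ansible.builtin.copy:
    src: '{{ service_base_path }}/{{ inventory_hostname }}/harbor/common/config/nginx/nginx.conf'
    dest: '{{ service_base_path }}/{{ inventory_hostname }}/harbor/common/config/nginx/nginx.conf_orig'
    remote_src: true
  when:
    - not harbor_installation.stat.exists

# The regexp matches every line containing "proxy_set_header", so all of
# those directives are dropped from the generated nginx.conf, not a single
# header. This task is unguarded and runs on every play.
# NOTE(review): confirm that removing all of them is intended; the backends
# then only see whatever headers the proxy in front of Harbor supplies.
- name: "Remove proxy_set_header lines from the generated nginx.conf"
  ansible.builtin.lineinfile:
    path: '{{ service_base_path }}/{{ inventory_hostname }}/harbor/common/config/nginx/nginx.conf'
    state: absent
    regexp: 'proxy_set_header'

- name: "Read remote docker-compose.yml from harbor DIR"
  ansible.builtin.slurp:
    src: '{{ remote_docker_compose_file_path }}'
  register: docker_compose_file_remote_encoded

# slurp returns the file base64-encoded; decode and parse it, then overlay
# harbor_dockercompose_customized recursively on top of the generated file.
- name: Merge customizations into the generated docker-compose.yml
  ansible.builtin.set_fact:
    harbor_dockercompose_merged: >-
      {{ docker_compose_file_remote_encoded.content | b64decode | from_yaml |
      combine(harbor_dockercompose_customized, recursive=True) }}

- name: "Create docker-compose.yml with merged VARs"
  ansible.builtin.copy:
    content: "{{ harbor_dockercompose_merged | to_nice_yaml(indent=2) }}"
    dest: '{{ remote_docker_compose_file_path }}'
    owner: 'root'
    group: 'root'
    mode: '0644'
  register: docker_compose_change

# Restart only when the merged compose file actually changed on disk.
- name: "Ensure harbor systemd service restarted"
  ansible.builtin.systemd:
    name: harbor
    state: restarted
  when: docker_compose_change.changed

- name: "Ensure harbor systemd service started"
  ansible.builtin.systemd:
    name: harbor
    state: started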